PCCC/dataset/cwe-python/CWE-378/cwe-378.py at ecb50947656cef2dfd7eeed87b27cf2462a4427e · DavisPL/PCCC · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import os
import tempfile


def process_sensitive_data(data):
    # Create a temporary file with default permissions
    temp_file = tempfile.NamedTemporaryFile(mode='w+t', delete=False) # Add a temp txt file
    temp_file.write(data)
    temp_file.close()

    # Process the data
    with open(temp_file.name, 'r') as file:
        processed_data = file.read().upper()

    # Clean up
    os.unlink(temp_file.name)

    return processed_data

# Usage
sensitive_info = "password123"
result = process_sensitive_data(sensitive_info)

#TODO separate the safe code from the unsafe code and task description and add safe dafny version and a code completion sample in Dafny
# A program that creates a temporary file to store sensitive data
# The temporary file is created with default permissions, which might be
# too permissive and allow other users on the system to read the sensitive data

# --------- Safe version ---------
# import tempfile
# import os

# def process_sensitive_data(data):
#     # Create a temporary file with restricted permissions
#     temp_fd, temp_path = tempfile.mkstemp(text=True)
#     os.close(temp_fd)

#     try:
#         # Set restrictive permissions
#         os.chmod(temp_path, 0o600)

#         with open(temp_path, 'w+t') as temp_file:
#             temp_file.write(data)
#             temp_file.seek(0)
#             processed_data = temp_file.read().upper()

#     finally:
#         # Clean up
#         os.unlink(temp_path)

#     return processed_data

# # Usage
# sensitive_info = "password123"
# result = process_sensitive_data(sensitive_info)